Add support for pure-ish instance methods

muglug committed Aug 8, 2019
1 parent 747782d commit d5e2c323d3821b62cdec743d857418208f378f81
@@ -1216,6 +1216,31 @@ function (Assertion $assertion) use ($class_template_params) : Assertion {
);
}
}
if ($return_type_candidate && $codebase->taint && $method_id) {
if ($method_storage && $method_storage->pure) {
$code_location = new CodeLocation($statements_analyzer->getSource(), $stmt);
$method_source = new TypeSource(
strtolower(
$method_id
. '-' . $code_location->file_name
. ':' . $code_location->raw_file_start
),
new CodeLocation($source, $stmt->name)
);
} else {
$method_source = new TypeSource(
strtolower($method_id),
new CodeLocation($source, $stmt->name)
);
}
if ($codebase->taint->hasPreviousSource($method_source)) {
$return_type_candidate->tainted = 1;
$return_type_candidate->sources = [$method_source];
}
}
}
}
}
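Review bot: The per-call-site key for pure methods is assembled inline here (`$method_id . '-' . $code_location->file_name . ':' . $code_location->raw_file_start`, lowercased as a whole), and `hasPreviousSource` can only match if whatever registers the source builds the identical string. If the two formats drift, the lookup fails silently and the return value stays untainted, which in a taint analyzer is a missed finding rather than an error. I would move the key construction into one shared helper, or at minimum add a comment such as `// must match the call-site id registered for pure functions in processTaintedness` (presumably the `$function_is_pure` branch there, which is outside this hunk). `strtolower` now also covers the file name, so on a case-sensitive filesystem two paths differing only in case would share a key. The enclosing branches open before this hunk, so it is worth confirming that every path that reached the block removed near old line 1289 still reaches this one.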
@@ -1289,15 +1314,6 @@ function (Assertion $assertion) use ($class_template_params) : Assertion {
);
}
if ($codebase->taint && $method_id) {
$method_source = new TypeSource(strtolower($method_id), new CodeLocation($source, $stmt->name));
if ($codebase->taint->hasPreviousSource($method_source)) {
$return_type_candidate->tainted = 1;
$return_type_candidate->sources = [$method_source];
}
}
if (!$return_type) {
$return_type = $return_type_candidate;
} else {
@@ -2826,16 +2826,18 @@ private static function processTaintedness(
);
}
if ($function_param->is_sink && $input_type->tainted) {
if (IssueBuffer::accepts(
new TaintedInput(
'in path ' . $codebase->taint->getPredecessorPath($method_source)
. ' out path ' . $codebase->taint->getSuccessorPath($method_source),
$code_location
),
$statements_analyzer->getSuppressedIssues()
)) {
// fall through
if ($function_param->is_sink && $input_type->tainted && $input_type->sources) {
foreach ($input_type->sources as $input_source) {
if (IssueBuffer::accepts(
new TaintedInput(
'in path ' . $codebase->taint->getPredecessorPath($input_source)
. ' out path ' . $codebase->taint->getSuccessorPath($method_source),
$code_location
),
$statements_analyzer->getSuppressedIssues()
)) {
// fall through
}
}
} elseif ($input_type->sources) {
if ($function_is_pure) {
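Review bot: The added `&& $input_type->sources` in the sink condition means a tainted argument with an empty `sources` list no longer reports anything, because this branch is skipped and the following `elseif ($input_type->sources)` is false as well. Before this change such a value still produced a `TaintedInput`, so the new code can silently drop a finding. I would keep the condition as `if ($function_param->is_sink && $input_type->tainted) {` and fall back to the old path in the loop header, `foreach ($input_type->sources ?: [$method_source] as $input_source) {`. Separately, several sources now emit several issues at the same `$code_location`; if `IssueBuffer` de-duplicates by location (not visible here), only the first path would be shown. `processTaintedness` begins before and continues after this hunk.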
